diff options
| -rw-r--r-- | modules/m_dns.cpp | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/modules/m_dns.cpp b/modules/m_dns.cpp index 8a2ed5fee..dfa2cc969 100644 --- a/modules/m_dns.cpp +++ b/modules/m_dns.cpp @@ -26,6 +26,11 @@ namespace */ class Packet : public Query { + static bool IsValidName(const Anope::string &name) + { + return name.find_first_not_of("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ.-") == Anope::string::npos; + } + void PackName(unsigned char *output, unsigned short output_size, unsigned short &pos, const Anope::string &name) { if (pos + name.length() + 2 > output_size) @@ -116,6 +121,9 @@ class Packet : public Query if (pos + 4 > input_size) throw SocketException("Unable to unpack question"); + if (!IsValidName(question.name)) + throw SocketException("Invalid question name"); + question.type = static_cast<QueryType>(input[pos] << 8 | input[pos + 1]); pos += 2; @@ -179,6 +187,10 @@ class Packet : public Query case QUERY_PTR: { record.rdata = this->UnpackName(input, input_size, pos); + + if (!IsValidName(record.rdata)) + throw SocketException("Invalid cname/ptr record data"); + break; } default: |